Putting the Sec in “DevSecOps”, automating cloud security as an enabler

Logo
Presented by

Matt Johnson, Developer Advocate for Bridgecrew.io

About this talk

The security function in most development environments is broken. With engineers focused on features and devops allowing them to move rapidly and self-provision around their own hurdles, it’s impossible for reactive, traditional security tools to keep up with an ever changing production environment. Even with a security engineer within the team, the chance of catching every bad-default in Terraform, or hidden * in a wide-open IAM policy is next to impossible with the ever growing suite of cloud services. In this talk, we’ll show how to, with very little effort, shift security left into code, enabling automated scanning and highlighting of security risks at build time, with helpful remediation advice for all. Knowing is the first step to improving, and automation makes knowing easy. You bring your DevOps pipeline, we’ll show you how.
Related topics:

More from this channel

Upcoming talks (5)
On-demand talks (144)
Subscribers (97795)
IT service management forms the backbone of any forward looking IT infrastructure. Whether it’s the latest trends, techniques or strategies, the content in this channel will help you optimize your organization's IT operations.